From eca4b504692146828a527cebf4dea6bcb8fdd159 Mon Sep 17 00:00:00 2001 From: Leandro Damascena Date: Wed, 10 Jul 2024 18:58:39 +0100 Subject: [PATCH 1/2] Fix bug in Max-Age attribute --- aws_lambda_powertools/shared/cookies.py | 4 +- tests/unit/test_cookie_class.py | 113 ++++++++++++++++++++++++ 2 files changed, 115 insertions(+), 2 deletions(-) create mode 100644 tests/unit/test_cookie_class.py diff --git a/aws_lambda_powertools/shared/cookies.py b/aws_lambda_powertools/shared/cookies.py index 1b57d860201..0e45e2d8a91 100644 --- a/aws_lambda_powertools/shared/cookies.py +++ b/aws_lambda_powertools/shared/cookies.py @@ -99,10 +99,10 @@ def __str__(self) -> str: if self.max_age: if self.max_age > 0: - payload.write(f"; MaxAge={self.max_age}") + payload.write(f"; Max-Age={self.max_age}") else: # negative or zero max-age should be set to 0 - payload.write("; MaxAge=0") + payload.write("; Max-Age=0") if self.http_only: payload.write("; HttpOnly") diff --git a/tests/unit/test_cookie_class.py b/tests/unit/test_cookie_class.py new file mode 100644 index 00000000000..0588b3be352 --- /dev/null +++ b/tests/unit/test_cookie_class.py @@ -0,0 +1,113 @@ +from datetime import datetime + +from aws_lambda_powertools.shared.cookies import Cookie, SameSite + + +def test_cookie_without_secure(): + # GIVEN a cookie without secure + cookie = Cookie(name="powertools", value="test", path="/", secure=False) + + # WHEN getting the cookie's attributes + # THEN the path attribute should be set to the provided value + assert cookie.secure is False + assert str(cookie) == "powertools=test; Path=/" + + +def test_cookie_with_path(): + # GIVEN a cookie with a path + cookie = Cookie(name="powertools", value="test", path="/") + + # WHEN getting the cookie's attributes + # THEN the path attribute should be set to the provided value + assert cookie.name == "powertools" + assert cookie.value == "test" + assert cookie.path == "/" + assert str(cookie) == "powertools=test; Path=/; Secure" + + +def test_cookie_with_domain(): + # GIVEN a cookie with a domain + cookie = Cookie(name="powertools", value="test", path="/", domain="example.com") + + # WHEN getting the cookie's attributes + # THEN the path attribute should be set to the provided value + assert cookie.name == "powertools" + assert cookie.value == "test" + assert cookie.path == "/" + assert cookie.domain == "example.com" + assert str(cookie) == "powertools=test; Path=/; Domain=example.com; Secure" + + +def test_cookie_with_expires(): + # GIVEN a cookie with a expires + time_to_expire = datetime(year=2022, month=12, day=31) + cookie = Cookie(name="powertools", value="test", path="/", expires=time_to_expire) + + # WHEN getting the cookie's attributes + # THEN the path attribute should be set to the provided value + assert cookie.name == "powertools" + assert cookie.value == "test" + assert cookie.path == "/" + assert cookie.expires == time_to_expire + assert str(cookie) == "powertools=test; Path=/; Expires=Sat, 31 Dec 2022 00:00:00 GMT; Secure" + + +def test_cookie_with_max_age_positive(): + # GIVEN a cookie with a positive max age + cookie = Cookie(name="powertools", value="test", path="/", max_age=100) + + # WHEN getting the cookie's attributes + # THEN the path attribute should be set to the provided value + assert cookie.name == "powertools" + assert cookie.value == "test" + assert cookie.path == "/" + assert cookie.max_age == 100 + assert str(cookie) == "powertools=test; Path=/; Max-Age=100; Secure" + + +def test_cookie_with_max_age_negative(): + # GIVEN a cookie with a negative max age + cookie = Cookie(name="powertools", value="test", path="/", max_age=-100) + + # WHEN getting the cookie's attributes + # THEN the path attribute should be set to the provided value and Max-Age must be 0 + assert cookie.name == "powertools" + assert cookie.value == "test" + assert cookie.path == "/" + assert str(cookie) == "powertools=test; Path=/; Max-Age=0; Secure" + + +def test_cookie_with_http_only(): + # GIVEN a cookie with http_only + cookie = Cookie(name="powertools", value="test", path="/", http_only=True) + + # WHEN getting the cookie's attributes + # THEN the path attribute should be set to the provided value + assert cookie.name == "powertools" + assert cookie.value == "test" + assert cookie.path == "/" + assert str(cookie) == "powertools=test; Path=/; HttpOnly; Secure" + + +def test_cookie_with_same_site(): + # GIVEN a cookie with same_site + cookie = Cookie(name="powertools", value="test", path="/", same_site=SameSite.STRICT_MODE) + + # WHEN getting the cookie's attributes + # THEN the path attribute should be set to the provided value + assert cookie.name == "powertools" + assert cookie.value == "test" + assert cookie.path == "/" + assert str(cookie) == "powertools=test; Path=/; Secure; SameSite=Strict" + + +def test_cookie_with_custom_attribute(): + # GIVEN a cookie with custom_attributes + cookie = Cookie(name="powertools", value="test", path="/", custom_attributes=["extra1=value1", "extra2=value2"]) + + # WHEN getting the cookie's attributes + # THEN the path attribute should be set to the provided value + assert cookie.name == "powertools" + assert cookie.value == "test" + assert cookie.path == "/" + assert str(cookie) == "powertools=test; Path=/; Secure; extra1=value1; extra2=value2" From 19b2b5ade0a6f6d5484ab90148b752ac647c1e49 Mon Sep 17 00:00:00 2001 From: Leandro Damascena Date: Wed, 10 Jul 2024 19:07:52 +0100 Subject: [PATCH 2/2] Add more fields to test --- tests/unit/test_cookie_class.py | 3 +++ 1 file changed, 3 insertions(+) diff --git a/tests/unit/test_cookie_class.py b/tests/unit/test_cookie_class.py index 0588b3be352..2b0aa3a37cb 100644 --- a/tests/unit/test_cookie_class.py +++ b/tests/unit/test_cookie_class.py @@ -86,6 +86,7 @@ def test_cookie_with_http_only(): assert cookie.name == "powertools" assert cookie.value == "test" assert cookie.path == "/" + assert cookie.http_only is True assert str(cookie) == "powertools=test; Path=/; HttpOnly; Secure" @@ -98,6 +99,7 @@ def test_cookie_with_same_site(): assert cookie.name == "powertools" assert cookie.value == "test" assert cookie.path == "/" + assert cookie.same_site == SameSite.STRICT_MODE assert str(cookie) == "powertools=test; Path=/; Secure; SameSite=Strict" @@ -110,4 +112,5 @@ def test_cookie_with_custom_attribute(): assert cookie.name == "powertools" assert cookie.value == "test" assert cookie.path == "/" + assert cookie.custom_attributes == ["extra1=value1", "extra2=value2"] assert str(cookie) == "powertools=test; Path=/; Secure; extra1=value1; extra2=value2"